Security expert Dave Piscitello offers tried-and-true practices for identifying and alleviating security risks, and implementing guidelines that will protect your company from the next nasty threat. Here, Dave covers the ten most commonly overlooked security hazards and easy ways to prevent them from placing your network at risk.

Lax policy definition and enforcement – You cannot determine compliance to, enforce, or demand accountability to a policy if you don't have and maintain one.

Overly permissive access policies – Access is one example where more is not better.

Single line of defense - Does your security resemble a soft-boiled egg?

Default installations of software - These are among the most common flaws, and often lead to escalated privilege attacks.

Default and vulnerable configurations - Under most default conditions, devices join networks, even when this is not good for security.

Weak authentication methods - You must apply two or more credentialing criteria.

Inadequate auditing, logging, analysis - Auditing is not an in- depth activity in most organizations, but it should be.

Dave Piscitello is an authority on network security with more than 30 years experience in data networking and telecommunications. Dave is President of Core Competence Inc., founder and program manager of The Internet Security Conference, and chairman of Networld+Interop's Security Conference. Dave has authored books on internetworking and remote access, and regularly publishes articles on a variety of subjects including switched internetworking, ATM and Gigabit Ethernet, Internet security, and virtual private networking.

E-Handbook

0 comments

E-Mail

Username / Password

Password

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy